Staff Security Engineer (Blue Team)

About The Position

Requirements

• 5+ years of Security Engineering, Security Operations or Security Architecture experience.
• Experience acting as technical lead to distributed teams consisting largely of remote engineers.
• Experience complying with PCI-DSS and other compliance and regulatory standards.
• Experience with attacker tactics, techniques and procedures.
• Knowledge of information technology, evolving threats, attack patterns, incident response and cyber security standards.
• Experience developing and leading incident response, remediation and mitigation activities, and providing status updates and reports.
• Experience analyzing security events to discern events that qualify as a legitimate security incident as opposed to non-incidents (ie. incident investigation, implementing countermeasures, and conducting incident response).
• Deep understanding of operating system, networking and application concepts.
• Experience hardening Windows, MacOS, Linux Containers and Kubernetes.
• Familiarity with AWS security best practices and Infrastructure-as-Code.
• Experience deploying and maintaining security technologies. (e.g. Access Proxies, API Gateway, Anti-Malware, Application Control, Cloud Security Posture, Data Leak Prevention, Data Mapping, Endpoint Detection & Response, Intrusion Detection System, File Integrity Monitoring, Firewalls, Mobile Device Management, Multi Factor Authentication, SIEM, Static Inspection, Vulnerability Assessment, Web Proxies, WAF and Zero Trust).
• Adept at working with internal Product & Engineering, Legal, People & Culture, Finance and GTM teams and external partners, auditors and customers.
• Ability to work during critical incidents or to support coverage requirements.
• Strong English writing and verbal communication skills

Nice To Haves

• CISSP, GCIH or similar certification preferred.

Responsibilities

• Guide and coach Olo's Blue Team on Information Protection, Incident Detection and Response and Service Delivery.
• Provide strategic and technical oversight to the team and the program.
• Technically lead a team of security engineers and analysts who hunt, detect, and respond to internal and external threats.
• Collaborate with customers and partners to strengthen their security posture.
• Drive ongoing optimizations by implementing new technologies, replacing technologies, addressing evolving threats, scaling practices and automating security activities.
• Keep team member and customers data safe by identifying and mitigating vulnerabilities and risks by providing actionable guidance to product teams.
• Lead Olo's Information Protection program including the selection, testing, implementation and maintenance of security tools and services, security awareness, service provider management and the ongoing testing of those controls.
• Oversee Vulnerability Management program including vulnerability assessments, risk scoring and vulnerability resolution.
• Oversee Threat Hunting program to detect and mitigate advanced threats.
• Manage non-event driven security reviews, including concept reviews, design reviews, patching, firewall rules and system configuration checks.
• Apply Web application and API security principles and techniques, such as zero trust, RBAC, authentication, authorization, auditing, rate limiting, challenges, etc., to protect our cloud-based services from unauthorized access and abuse.
• Oversee Incident Detection and Response program including ownership of incident response processes, tools and services and the ongoing continuous improvement of those controls.
• Coordinate the detection and response to attacks through all incident phases.
• Ensure incident reports are accurate, detailed and relevant.
• Monitor, detect, and remediate misconfigurations and security risks across our cloud environments.
• Participate in a 24/7 on-call rotation.
• Oversee Security Services program including security support requests, risk assessments, vendor assessments, PCI and SOC audit support and service provider management.